QloudX

QloudX

  • Home
  • What We Do
          • Digital Transformation & Cloud Journey

            We help businesses across the globe to achieve their true digital potential, using cloud technology as an enabler

          • INDUSTRIES/DOMAINS

          • Transportation & Logistics

            FreightTech & LogTech Solutions
          • Retail

            Data Driven Solutions

        • OUR EXPERT AREAS

          • Cloud Implementation

            Migrate, manage and modernize
          • Devops

            Transform how you work
          • Data

            From raw data to insights
          • Cloud Native Development

            Supercharge your software
          • Managed Services

            Keep your environments optimized and secure

        • OTHER THINGS WE DO

          • AI-ML, Blockchain & Emerging Tech
          • Application Modernization
          • Enterprise Integration Platform
          • Serverless Computing
          • Cargowise in the Cloud
          • Well-Architected Solutions
          • Mobile Apps
          • Disaster Recovery as a Service
          • Team Augmentation
  • Resources
    • Case Studies
    • Blog
    • Podcast
  • About Us
  • Careers

A Simple 3 Step Guide to Cross-Account Access in AWS

A Simple 3 Step Guide to Cross-Account Access in AWS

Consider a scenario: you have 2 AWS accounts: dev & prod. You need an IAM user in dev to be able to access resources in prod. This article explains a simple 3-step approach to accomplishing this.

Step 1: Create an IAM Role in Prod

Login to prod as a privileged user & create an IAM role with the permissions that the dev user should have when they assume this role:

Step 2: Allow Dev User to Assume the Prod Role

Next, log out of prod, login to dev as a privileged user & apply an inline policy to the IAM user that should be able to access prod resources:

Provide the ARN of the prod role in the resources section of the policy.

Step 3: Switch Role from Dev to Prod

Next, log out & login to dev as the IAM user & switch role to start accessing prod resources:


Harish KM is a Cloud Evangelist & a Full Stack Engineer at QloudX. 

He is very passionate about cloud-native solutions & using the best tools for his projects. With 10+ cloud & IT certifications, he is an expert in a multitude of application languages & is up-to-date with all new offerings & services from cloud providers, especially AWS.

AWS cross-account iam iam roles Security

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Post navigation

AWS Certification Guide – Identify and Prepare
Sharing Secrets in Secrets Manager with Other AWS Accounts

COMPANY

  • About Us
  • Contact Us
  • Locations
  • Privacy Policy

RESOURCES

  • Case Studies
  • Blog
  • Podcast

Careers

  • Join a Winning Team

Follow Us

linkdin  Linkedin
A SYSTEMS+ Group Company
© 2022 QloudX - all Rights Reserved
Qloudx takes your privacy and security seriously. We use cookies on this site to provide you with the best experience. By closing this banner, scrolling this page, clicking a link or continuing to browse, you agree to the use of cookies. To know more, please feel free to view our Global Privacy Policy. ACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT